Considering a financial audit? We’ll review financial audits of condominium associations (Chapter 514B). There is no audit requirement for Planned Community Associations (Chapter 421J).
Most Board of Directors of condominium associations and their managing agents do not give much thought to the auditor’s report. As long as the auditor issues a “clean opinion” it would seem that everything is okay. Typically, there is no follow-up meeting with the auditor and a member(s) of the Board after the audit report is issued.
Perhaps, the most significant oversight exercised by a Board and a managing agent over an association’s operations is fiscal in nature. Except for policies and guidelines, nearly every decision made by a Board impacts the cost of the operation that, in turn, affects the maintenance fees paid by unit owners. It is important that Board members have an understanding of the audit process since it impacts internal control policies, fraud prevention, budgets, replacement reserve funding and many other aspects of the association’s operations.
As a practicing CPA and former auditor, the author is all too familiar with substandard audits of condominium associations. Some auditors do not perform a review of the client’s internal control system; they issue audit reports that do not follow the reporting standards for homeowner associations; the audit report deviates from generally accepting accounting standards; there is no verification of balance sheet accounts, and numerous other audit deficiencies.
Board members are ultimately responsible for all aspects of the association’s operations. A good auditor’s report and an understanding of the audit process and its limitations can help the Board to achieve good governance.
Hawaii Requirements for an Audit of Homeowner Associations
Chapter 514B-150, Association fiscal matters; audits, audited financial statement, states that
“…The association shall require an annual audit of the association financial accounts and no less than one annual unannounced verification of the association’s cash balance by a public accountant; provided that if the association is comprised of less than twenty units, the annual audit and the annual unannounced cash balance verification may be waived at an association meeting by a vote of a majority of the unit owners.”
Audits of Condominium Associations Can Only Be Performed by a Public Accountant
An audit can only be performed by a “public accountant.” There are only two types of public accountants recognized in the State of Hawaii: Public Accountant (PA) and Certified Public Accountant (CPA). The former were grandfathered when the public accountancy law, HRS § 466-5, Public Accountancy, was adopted. As a practical matter today, only a CPA can perform an audit of an entity’s financial statement. The licensing and conduct of a CPA are governed by the Hawaii Board of Accountancy who, in turn, looks to the American Institute of Certified Public Accountants (AICPA) to establish ethical guidelines, auditing and reporting standards.
Definition of a Financial Audit
Auditing is defined as a systematic and independent examination of data, statements, records, operations and performances (financial or otherwise) of an enterprise for a stated purpose. In any audit the auditor perceives and recognizes the propositions, collects evidence, evaluates the same and on this basis formulates his or her opinion which is communicated through his/her audit report.
Qualifications of an Auditor
Besides meeting all of the requisite legal, regulatory, knowledge and technical requirements, the auditor must, first and foremost, be independent of the client in fact and appearance. Independence means that an auditor cannot make or participate in management decisions that may have an effect on the operations of the client.
It has been said by several experts that the public accounting profession probably has more standards than any other profession. A CPA in the practice of public accounting must be familiar with voluminous standards, knowledge of accounting principles, reporting requirements as well as related issues such as income taxes, financial planning, and nearly all aspects of business, including the operation of condominiums.
In order to practice public accounting in Hawaii, every CPA firm must undergo a peer review every 3 years. This new law requires that all CPA firms performing audits as of 12/31/14 must have a peer review performed by 12/31/17. Prior to this new law, CPA firms that did not belong to the AICPA were not required to undergo a peer review. As a result, many association audits performed by firms not subject to a peer review were deficient.
The selection of an outside auditor should, at the very least, require that the auditor have undergone a peer review. All submissions by an auditor under a request for proposal should include a copy of their peer review report. The peer review report is public record.
Auditor’s Examination, Testing of the Financial Records and Internal Controls
Auditors perform two types of testing of financial transactions: 1) balance sheet testing and, 2) transactions testing. Auditors do not examine every financial transaction as this would be too costly for the client. Instead, they use statistical techniques to develop an expectation of the total amount of errors.
The amount of testing depends on the client’s level of internal control. In other words, the auditor must assess the level of risk based on the internal control policies adopted by the client – a poor internal control system means that more testing must be done. If the total amount of errors discovered in the audit process falls below the preselected materiality limit, then the auditor will likely issue an unmodified opinion letter.
However, the auditor is required to do more than examine and test the financial transactions. Additional testing may include reviewing of contracts and agreements, determining that the internal controls adopted by management are actually being followed, and tests to discover fraud.
Fraud, Limitations of a “Regular” Audit, Forensic Audits
If we had absolute assurance that the financial transactions of an entity were always without errors and that management always conducted business ethically and in accordance with the law there would be no need for an audit. Unfortunately, we do not live in this utopian environment. As a result, auditors today must actively search for fraud, whether they are financial, regulatory or perpetuated by management.
A so-called “regular” audit will likely not uncover certain types of fraud:
- Unrecorded receipts;
- Unrecorded liabilities;
- Collusion among those charged with handling financial transactions.
- Regulatory violations; and,
- Management fraud;
In the author’s opinion, most frauds are not discovered by a regular audit whose goal is to ensure that the audited financial statements contain no material errors and are reported on a consistent basis. Generally, frauds are discovered by “accident.” This typically happens when a co-worker or supervisor notices an anomalous transaction/event or where balance sheet accounts are out of balance or a whistleblower comes forward with an allegation. If fraud is suspected, then a forensic audit may be needed. This type of audit is more focused in that it is specifically designed to uncover fraud.
Someone committing a financial fraud usually has three characteristics:
- Incentive;
- Opportunity; and,
- Rationalization.
In addition, studies on convicted embezzlers have shown that these individuals have the following characteristics:
- They were the most trusted; and,
- He or she was employed for a long period of time.
Types of Audit Opinion Letters; Management Letters
Generally, there are three types of audit opinion letters:
- Unmodified;
- Qualified; and,
- Adverse.
A fourth option, a disclaimer, is one where the auditor is forced to withdraw from the audit engagement because the books are in disarray or where there is no cooperation from management. Associations should always expect that the auditor’s opinion letter will be unmodified (sometimes called a “clean opinion.).
The form and wording of the auditor’s opinion is prescribed by the AICPA. Any deviations, other than the name of the client and the date, must be explained.
An auditor can issue an unmodified opinion and still have issues with aspects of the client’s internal control deficiencies, policies and various aspects of the operation or management of the entity. If these deficiencies are material, then the auditor may issue a management letter and suggest ways to improve or prevent them.
Generally Accepted Accounting Principles, Auditing Standards and Financial Reporting Standards
In the United States, Generally Accepted Accounting Principles (GAAP), financial reporting standards and the disclosure notes to the financial statements are determined by the Financial Accounting Standards Board (FASB). The Generally Accepted Auditing Standards (GAAS) are determined by the AICPA.